Lapsus$ Data Kidnappers Claim Snatches From Microsoft, Okta
Lapsus$ shared screenshots of internal Okta systems and 40Gb of purportedly stolen Microsoft data on Bing, Bing Maps and Cortana. [...]
Showing only posts in Threatpost. Show all posts.
Russia Lays Groundwork for Cyberattacks on US Infrastructure – White House
"Evolving intelligence" shows Russia amping up for cyber-war in response to Ukraine-related sanctions, the White House said -- but researchers warn that many orgs are not prepared. [...]
FIDO: Here’s Another Knife to Help Murder Passwords
After years of promising a passwordless future – really, any day now! – FIDO is proposing tweaks to WebAuthn that could put us out of password misery. Experts aren’t so sure. [...]
Serpent Backdoor Slithers into Orgs Using Chocolatey Installer
An unusual attack using an open-source Python package installer called Chocolatey, steganography and Scheduled Tasks is stealthily delivering spyware to companies. [...]
Browser-in-the-Browser Attack Makes Phishing Nearly Invisible
Can we trust web browsers to protect us, even if they say “https?” Not with the novel BitB attack, which fakes popup SSO windows to phish away credentials for Google, Facebook and Microsoft, et al. [...]
Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts
The trojanized Craftsart Cartoon Photo Tools app is available in the official Android app store, but it's actually spyware capable of stealing any and all information from victims' social-media accounts. [...]
Conti Ransomware V. 3, Including Decryptor, Leaked
The latest is a fresher version of the ransomware pro-Ukraine researcher ContiLeaks already released, but it’s reportedly clunkier code. [...]
Bridgestone Hit as Ransomware Torches Toyota Supply Chain
A ransomware attack struck Bridgestone Americas, weeks after another Toyota supplier experienced the same and a third reported some kind of cyber hit. [...]
Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure
The Russian invasion of Ukraine has coincided with the jamming of airplane navigation systems and hacks on the SATCOM networks that empower critical infrastructure. [...]
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data
A DarkHotel phishing campaign breached luxe hotel networks, including Wynn Palace and the Grand Coloane Resort in Macao, a new report says. [...]
Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet
The Russian-speaking APT behind the NotPetya attacks and the Ukrainian power grid takedown could be setting up for additional sinister attacks, researchers said. [...]
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizations’ networks for further malicious activity. [...]
Dev Sabotages Popular NPM Package to Protest Russian Invasion
In the latest software supply-chain attack, the code maintainer added malicious code to the hugely popular node-ipc library to replace files with a heart emoji and a peacenotwar module. [...]
Misconfigured Firebase Databases Exposing Data in Mobile Apps
Five percent of the databases are vulnerable to threat actors: It's a gold mine of exploit opportunity in thousands of mobile apps, researchers say. [...]
Reporting Mandates to Clear Up Feds’ Hazy Look into Threat Landscape – Podcast
It’s about time, AttackIQ’s Jonathan Reiber said about 24H/72H report deadlines mandated in the new spending bill. As it is, visibility into adversary behavior has been muck. [...]
Pandora Ransomware Hits Giant Automotive Supplier Denso
Denso confirmed that cybercriminals leaked stolen, classified information from the Japan-based car-components manufacturer after an attack on one of its offices in Germany. [...]
Staff Think Conti Group Is a Legit Employer – Podcast
The ransomware group’s benefits – bonuses, employee of the month, performance reviews & top-notch training – might be better than yours, says BreachQuest’s Marco Figueroa. [...]
Cybercrooks’ Political In-Fighting Threatens the West
They’re choosing sides in the Russia-Ukraine war, beckoning previously shunned ransomware groups and thereby reinvigorating those groups' once-diminished power. [...]
Russia Issues Its Own TLS Certs
The country’s citizens are being blocked from the internet because foreign certificate authorities can't accept payments due to Ukraine-related sanctions, so it created its own CA. [...]
Raccoon Stealer Crawls Into Telegram
The credential-stealing trash panda is using the chat app to store and update C2 addresses as crooks find creative new ways to distribute the malware. [...]
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers
Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead. [...]
Most Orgs Would Take Security Bugs Over Ethical Hacking Help
A new survey suggests that security is becoming more important for enterprises, but they’re still falling back on old "security by obscurity" ways. [...]
Russia May Use Ransomware Payouts to Avoid Sanctions
FinCEN warns financial institutions to beware of unusual cryptocurrency payments or illegal transactions Russia may use to evade restrictions imposed due to its invasion of Ukraine. [...]
Russia May Use Ransomware Payouts to Avoid Sanctions’ Financial Harm
FinCEN warns financial institutions to be ware of unusual cryptocurrency payments or illegal transactions Russia may use to ease financial hurt from Ukraine-linked sanctions. [...]
Multi-Ransomwared Victims Have It Coming–Podcast
Let's blame the victim. IT decision makers' confidence about security doesn't jibe with their concession that repeated incidents are their own fault, says ExtraHop's Jamie Moles. [...]
« newer articles | page 9 | older articles »